In a Hybrid Work Environment, Security Is a Business Enabler

If you want to fully take advantage of the business advantages that come with the cloud, you need a security solution that goes beyond allow-deny access.

SPONSORED by Lookout, Sundaram Lakshmanan, Chief Technology Officer

March 31, 2023

4 Min Read
InformationWeek logo in a gray background | InformationWeek

The cloud has changed the way we work -- for the better. Employees are no longer tied down to specific office locations or corporate-issued devices. Instead, they can be productive from anywhere, using all sorts of devices. Your users can now get their work done in a home office using a company laptop or play catch-up in a coffee shop using a personal smartphone. When your organization embraces the cloud, you're also embracing convenience and flexibility that will boost productivity and enable business success.

But this flexibility comes with some complications. The lines between work and life are blurrier than ever before. An employee could access a corporate Google Workspace account from a personal device, and it would only take one forgetful instance for sensitive company data to make its way over to their personal Google account or device. Unfortunately, your legacy security tools simply aren't built for this kind of work environment.

Perimeter-based security tools work by strictly controlling access to corporate resources. Those inside the perimeter get access, those outside the perimeter don't. But if you try to implement that approach in a hybrid work environment, you'll end up undoing all the productivity gains that come from this new way of working -- and you could end up exposing your organization to cloud-based risks.

If you want to fully take advantage of the business advantages that come with the cloud, you need a security solution that goes beyond allow-deny access.

Security That Follows Data

Legacy security tools expect your employees to follow rigid policies that dictate where they work and on what devices, which flies in the face of a hybrid working style. In the past, you may have used something like a virtual private network (VPN) or single sign-on (SSO) to grant access to those working offsite, but even though these tools can authenticate users at time of access, they can’t prevent malicious activities after access has been granted. Instead, you need a flexible approach to security that works everywhere and doesn’t expose you to unnecessary risks.

You can do this by focusing on the data. If you know where your business-critical data resides -- whether that's in SaaS apps, private apps, or on personal devices -- you can implement more nuanced security policies that are designed to enable, not hinder, hybrid workers. By taking into account things like user behavior, device health, what apps are being used, and what data users are seeking access to, your IT and security teams can make intelligent decisions about access, ensuring that people connect to what they need when they need it without being overly permissive.

Visibility is actually one half of the battle. In order to efficiently provide access to your hybrid workers while protecting data, you also need the ability to enforce policies on data itself. Layer data prevention loss (DLP) capabilities onto your secure access controls so you can seamlessly grant access to corporate resources based on data sensitivity levels and user and endpoint risk. You can also proactively protect data using enterprise digital rights management (EDRM), which encrypts sensitive data in real time, so even if it falls into the hands of bad actors, it's still protected.

A Converged Approach to Security Is Your Biggest Asset

Investing in cloud technologies is one of the best ways to set your organization up for success -- but if you do that, you must also invest in a security solution to match. Legacy tools require you to sacrifice productivity for security, which will undo all the benefits of the cloud. With a holistic data protection strategy, not only can you be confident that your data is staying secure, but you’re also giving your business a leg up.

A unified, cloud-native approach gives you the ability to implement DLP and enforce data protection policies across your entire business infrastructure, while at the same time ensuring that employees have seamless access to the resources they need to do their jobs. Your users can use their own devices and networks to access corporate data in the cloud, and your IT and security teams still have the visibility and control they need to safeguard sensitive information.

In today’s work environment, flexibility is no longer the exception, it’s the rule, and by focusing on data protection, your organization can stay secure without sacrificing productivity, thus turning security into a business enabler.

Sundaram Lakshmanan is the Chief Technology Officer at Lookout. He brings over 20+ years of network and security product development experience and has a successful track record of delivering innovative first-to-market and market-leading security products, as well as leading the global engineering team. Prior to Lookout he was the founder and CEO/CTO of Anicut Systems, a Distinguished Engineer at Juniper Networks, and held senior positions at Blue Coat (now Symantec).

About the Author

SPONSORED by Lookout

Sundaram Lakshmanan, Chief Technology Officer

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights